Deployments and Testing/Test Users

Test Users with Management SDKs

The management SDK requires a management key, which can be generated here.

You can use Descope management SDK for common test user management operations.

Install SDK

Terminal
npm i --save @descope/node-sdk

Import and initialize Management SDK

import DescopeClient from '@descope/node-sdk';
 
const managementKey = "xxxx"
 
try{
    //  baseUrl="<URL>" // When initializing the Descope clientyou can also configure the baseUrl ex: https://auth.company.com  - this is useful when you utilize CNAME within your Descope project.
    const descopeClient = DescopeClient({ projectId: '__ProjectID__', managementKey: managementKey });
} catch (error) {
    // handle the error
    console.log("failed to initialize: " + error)
}
 
// Note that you can handle async operation failures and capture specific errors to customize errors.
//     An example can be found here: https://github.com/descope/node-sdk?tab=readme-ov-file#error-handling

Create Test User

This operation creates a new test user within the project with the details provided.

// Args:
//   loginId (str): The login ID of the test user to be created.
const loginId = "xxxx"
//   email (str): Optional user email address of the test user to be created.
const email = "email@company.com"
//   phone (str): Optional user phone number of the test user to be created.
const phone = "+12223334455"
//   displayName (str): Optional user display name of the test user to be created.
const displayName = "Joe Person"
//    roles (List[str]): An optional list of the user's roles without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
const roles = ["TestRole1"]
//    userTenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
const userTenants = [{ tenantId: 'TestTenant', roleNames: ['TestRole'] }]
//   customAttributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
const customAttributes = {"Attribute 1": "Value 1", "Attribute 2": "Value 2"}
//   picture (str): Optional url for user picture
const picture = "xxxx"
//   verifiedEmail (bool): Set to true for the user to be able to login with the email address.
const verifiedEmail = true // or false
//   verifiedPhone (bool): Set to true for the user to be able to login with the phone number.
const verifiedPhone = true // or false
//   additionalLoginIds (optional List[str]): An optional list of additional login IDs to associate with the user
const additionalLoginIds = ["MyUserName", "+12223334455"]
 
const resp = await descopeClient.management.user.createTestUser(
  loginId,
  email,
  phone,
  displayName,
  roles,
  userTenants,
  customAttributes,
  picture,
  verifiedEmail,
  verifiedPhone,
  null,
  null,
  null,
  additionalLoginIds
);
if (!resp.ok) {
  console.log("Failed to create test user")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully created test user")
  console.log(resp.data)
}

Generate OTP For Test User

This operation generates an OTP code for authenticating a test user.

Note that signin is not complete without the user verification step, which can be performed using the backend SDKs.

// Args:
//    deliveryMethod: Delivery method to use to send OTP. Supported values include "email", "voice, or "sms"
const deliveryMethod = "email"
//    loginId (str): The login ID of the user.
const loginId = "xxxx"
 
 
const resp = await descopeClient.management.user.generateOTPForTestUser(deliveryMethod, loginId);
if (!resp.ok) {
  console.log("Failed to generate test user OTP")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully generated test user OTP")
  console.log("OTP Code: " + resp.data.code)
}

This operation generates an Magic Link for authenticating a test user. The response contains the link, which contains the token needed to verify the user within the user verification step, which can be performed using the backend SDKs. The token arrives as a query parameter named 't' which can be parse out of the link, see examples below.

// Args:
//  deliveryMethod: Delivery method to use to send OTP. Supported values include "email", "voice, or "sms"
const deliveryMethod = "email"
//  loginId (str): The login ID of the user.
const loginId = "xxxx"
//  uri: this is the link that user is sent (code appended) for verification. Your application needs to host this page and extract the token for verification. The token arrives as a query parameter named 't'
const uri = "" // This can be an empty string for testing purposes
 
const resp = await descopeClient.management.user.generateMagicLinkForTestUser(deliveryMethod,loginId, uri);
if (!resp.ok) {
  console.log("Failed to generate test user Magic Link")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  const token = resp.data.link.split("?t=")[1]
  console.log("Successfully generated test user Magic Link")
  console.log("Magic Link Token: " + token)
}

This operation generates an Enchanted Link for authenticating a test user.

The generate Enchanted Link for test user call returns a pendingRef and a link. Parse the link to capture the token, then utilize the backend SDK to verify the token. You will also need to utilize the pendingRef to poll for verification status in order to receive the test user's JWT.

// Args:
//  loginId (str): The login ID of the user.
const loginId = "xxxx"
//  uri: this is the link that user is sent (code appended) for verification. Your application needs to host this page and extract the token for verification. The token arrives as a query parameter named 't'
const uri = "" // This can be an empty string for testing purposes
 
const resp = await descopeClient.management.user.generateEnchantedLinkForTestUser(loginId, uri);
if (!resp.ok) {
  console.log("Failed to generate test user Enchanted Link")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  const token = resp.data.link.split("?t=")[1]
  console.log("Successfully generated test user Enchanted Link")
  console.log("Enchanted Link Token: " + token)
  console.log("Enchanted Link Pending Ref: " + resp.get("pendingRef", ""))
}

This operation generates an Embedded Link for authenticating a test user. The response returns the token to be used in the user verification step, which can be performed using the backend SDKs.

// Args:
//  loginId (str): The login ID of the user.
const loginId = "xxxx"
//   customClaims (dict): Custom claims to add to JWT, system claims will be filtered out
const customClaims = {"custom-key1": "custom-value1", "custom-key2": "custom-value2"}
 
const resp = await descopeClient.management.user.generateEmbeddedLink(loginId, customClaims);
if (!resp.ok) {
  console.log("Failed to generate test user Embedded Link")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  const token = resp.data.token;
  console.log("Successfully generated test user Embedded Link")
  console.log("Embedded Link Token: " + token)
}

Delete a Test User

This operation allows administrators to delete an existing test user. This action will delete the users forever and they will not be recoverable.

// Args:
//    login_id (str): The login_id of the user to be deleted.
const loginId = "email@company.com"
 
const resp = await descopeClient.management.user.delete(loginId);
if (!resp.ok) {
  console.log("Failed to delete user.")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully deleted user.")
  console.log(resp.data)
}

Delete All Test Users

This operation deletes all test users within the project. This action will delete these users forever and they will not be recoverable.

// Args:
//  None
 
const resp = await descopeClient.management.user.deleteAllTestUsers();
if (!resp.ok) {
  console.log("Failed to delete test users")
  console.log("Status Code: " + resp.code)
  console.log("Error Code: " + resp.error.errorCode)
  console.log("Error Description: " + resp.error.errorDescription)
  console.log("Error Message: " + resp.error.errorMessage)
}
else {
  console.log("Successfully deleted test users")
}
Was this helpful?

Test Users

Learn how to easily implement test user management and authorization for your app with Descope.

User Impersonation

This guide will cover the fundamentals of user impersonation and how to impersonate users with Descope.

On this page